Multiple Vulnerabilities in Cisco Unified Communications Manager

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-40165	2013-A-0165	SV-52102r2_rule	ECMT-1 ECMT-2 VIVM-1	High

Description
Cisco has released a security advisory addressing multiple vulnerabilities in Cisco Unified Communications Manager (CUCM). CUCM is the call processing component of the Cisco IP Telephony solution that extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, VoIP gateways, and multimedia applications. To exploit these vulnerabilities, an attacker would send malformed packets to an affected device. If successfully exploited, an unauthenticated, remote attacker would execute arbitrary code or cause a denial-of-service condition. <br><br> At this time, there are known exploits associated with these vulnerabilities; USCYBERCOM is not aware of any DoD related incidents.

Description

Cisco has released a security advisory addressing multiple vulnerabilities in Cisco Unified Communications Manager (CUCM). CUCM is the call processing component of the Cisco IP Telephony solution that extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, VoIP gateways, and multimedia applications. To exploit these vulnerabilities, an attacker would send malformed packets to an affected device. If successfully exploited, an unauthenticated, remote attacker would execute arbitrary code or cause a denial-of-service condition. <br><br> At this time, there are known exploits associated with these vulnerabilities; USCYBERCOM is not aware of any DoD related incidents.

STIG	Date
VMware ESXi Server 5.0 Security Technical Implementation Guide	2013-09-12

Details

Check Text ( None )
None

Fix Text (None)
None